Engagements may include assistance with risk assessment, internal audits, consulting services, and other audit-related projects. The contracted vendor will perform IT audit activities, including but not limited to: Evaluating IT governance, risk management, and control frameworks. Assessing cybersecurity practices and compliance with relevant regulations and standards. Auditing IT system implementations and upgrades. Reviewing data management, privacy, and security protocols. Identifying vulnerabilities in IT infrastructure and recommending mitigations. Providing detailed documentation and recommendations for remediation. Participating in meetings with the OIA to enhance understanding of processes and objectives.
